Last week’s international political news was a dramatic reminder of how inextricably linked technology progress (in this case, 5G infrastructure) and high-stakes global intrigue and even warfare have become.

The speed-up in deployment of 5G networks in the US and worldwide can both dramatically increase the IoT’s benefits (with reduced latency we’ll get a significant increase in the volume of rich, near-real-time data, allowing autonomous vehicles and other hard-to-imagine advances) but also the dangers (the possibility of China, Russia or someone else launching a cyber attack through a “back door” that could cripple our critical infrastructure). That puts the IoT right in the middle of a very tense global diplomatic and technical battle, with the outcome potentially having a big impact on the IoT’s near-term growth.

It also means, as I wrote in The Future Is Smart and elsewhere that it’s not enough to design in privacy protections into your own products and services: if the public and companies lose confidence in the IoT because of an attack aimed at anyone, even the irresponsible companies that don’t worry about security, I learned during my years doing corporate crisis management that there’s an irrational but nonetheless compelling guilt-by-association phenomenon that can destroy confidence in all IoT. Is that fair? No, but that doesn’t mean it’s any less of a reality. That’s why it’s critical that you take an active role in both supporting enlightened federal policy on both 5G infrastructure and IoT regulation, especially privacy and security regulations that are performance-based, rather than descriptive (which might restrict innovation), as well as joining industry organizations working on the privacy and security issues, such as the IMC, Internet of Things Association, and IMC.

In The Future Is Smart I wrote that, counterintuitively, privacy and security can’t be bolted on after you’ve done the sexy part of designing cool new features for your IoT device or service. This news makes that even more the case. What’s required is a mind-set in which you think of privacy and security from the very beginning and then visualize the process after its initial sale as cyclical and never-ending: you must constantly monitor emerging threats and then upgrade firmware and software protections.